
The Most Dangerous RedEye Ransomware Destroys Your PC Files If Payment Isn’t Made

A new ransomware named RedEye has caught the eye of a security researcher, who discovered the malware back in February. It claims to destroy the victim’s computer if the payment isn’t made. It’s worth noting that the new strain was created by the author of Annabelle ransomware.

By: Gnaneshwar Gaddam, 2018-06-09T16:51:00+05:30

We have all heard about the WannaCry ransomware that the whole world went through, and the first thing many people took from it is how ransomware works.

Yet another powerful and dangerous ransomware, RedEye, has now come to light. It was created by the author of an older ransomware named "Annabelle".

The author, "iCoreX", named this ransomware "RedEye".

The first noticeable thing about this file is the huge file size: 35.0 MB (36657152 bytes). This is due to three media files, specifically images and audio files, embedded in the binary.

It contains three ".wav" files:

child.wav

redeye.wav

suicide.wav

All three audio files play a "creepy" sound, intended to scare the user once the computer has been infected.

Additionally, the binary is protected with ConfuserEx, compression, and a few other tricks. It ultimately replaces the MBR and takes further steps to make removal difficult: it hides disk drives, disables Task Manager, and so on.

What happens when a user executes RedEye ransomware on their PC?

Just like WannaCry ransomware, RedEye also performs a set of actions to make removal quite difficult; for example, it disables Task Manager and, in this iteration, also hides your drives.

A ransom message is then displayed as follows:

Ransom message

The ransom note displayed by the binary states that all personal files have been encrypted with the AES256 algorithm. In reality, it overwrites the files, filling them with 0 bytes.

It goes without saying that the only claimed way to get the files back is to make a payment of 0.1 Bitcoin. “You got 4 days to pay when the time is up, then your PC will be fully destroyed,” the message reads.

Sources of RedEye ransomware:

Spam emails that contain malicious attachments or hyperlinks.

Compromised websites that have exploit code injected in their web pages.

Vulnerabilities in unpatched Windows operating systems.

Vulnerabilities in outdated web browsers.

Drive-by downloads.

Fake Flash Player update websites.

Installing pirated software or operating systems.

Facebook spam messages that contain malicious attachments or links.

Malicious SMS messages (ransomware may target mobile devices).

Malvertising campaigns (pop-up and banner ads).

Self-propagation (spreading from one infected PC to another via LAN networks).
